release: 2.0.9 (#375)

Author: devxb

gradle/spring.gradle

@@ -5,6 +5,7 @@ jar {
 dependencies {
     implementation "org.springframework.boot:spring-boot-starter"
     implementation "org.springframework.boot:spring-boot-starter-web"
+    implementation "org.springframework.boot:spring-boot-starter-aop"
     implementation "org.springframework.boot:spring-boot-starter-cache"
     implementation "org.springframework.boot:spring-boot-starter-data-jpa"
     implementation "org.springframework.boot:spring-boot-starter-actuator"

src/main/kotlin/org/gitanimals/core/auth/InternalAuth.kt

@@ -3,6 +3,7 @@ package org.gitanimals.core.auth
 import jakarta.servlet.http.HttpServletRequest
 import org.gitanimals.core.AUTHORIZATION_EXCEPTION
 import org.gitanimals.core.AuthorizationException
+import org.gitanimals.core.filter.MDCFilter.Companion.USER_ENTRY_POINT
 import org.gitanimals.core.filter.MDCFilter.Companion.USER_ID
 import org.slf4j.LoggerFactory
 import org.slf4j.MDC
@@ -29,7 +30,7 @@ class InternalAuth(
         SecretKeySpec(decodedKey, "AES")
     }
 
-    fun getUserId(throwOnFailure: () -> Unit = throwCannotGetUserId): Long {
+    fun getUserId(throwOnFailure: () -> Unit = throwCannotGetUserInfo): Long {
         val userId = findUserId()
 
         if (userId == null) {
@@ -80,6 +81,36 @@ class InternalAuth(
         return userId
     }
 
+    fun getUserEntryPoint(throwOnFailure: () -> Unit = throwCannotGetUserInfo): String {
+        val entryPoint = findUserEntryPoint()
+
+        if (entryPoint == null) {
+            throwOnFailure.invoke()
+        }
+
+        return entryPoint ?: throw AUTHORIZATION_EXCEPTION
+    }
+
+    fun findUserEntryPoint(): String? {
+        val entryPointInMdc = runCatching {
+            MDC.get(USER_ENTRY_POINT)
+        }.getOrNull()
+
+        if (entryPointInMdc != null) {
+            return entryPointInMdc
+        }
+
+        httpServletRequest.getHeader(INTERNAL_ENTRY_POINT_KEY)?.let {
+            return it
+        }
+
+        val token: String = httpServletRequest.getHeader(HttpHeaders.AUTHORIZATION) ?: return null
+
+        return runCatching {
+            internalAuthClient.getUserByToken(token).entryPoint
+        }.getOrNull()
+    }
+
     private fun decrypt(iv: ByteArray, secret: ByteArray): Long {
         val cipher = Cipher.getInstance("AES/GCM/NoPadding")
         val spec = GCMParameterSpec(128, iv)
@@ -108,8 +139,9 @@ class InternalAuth(
     companion object {
         const val INTERNAL_AUTH_IV_KEY = "Internal-Auth-Iv"
         const val INTERNAL_AUTH_SECRET_KEY = "Internal-Auth-Secret"
+        const val INTERNAL_ENTRY_POINT_KEY = "Internal-Entry-Point"
 
-        private val throwCannotGetUserId: () -> Unit = {
+        private val throwCannotGetUserInfo: () -> Unit = {
             throw AUTHORIZATION_EXCEPTION
         }
     }

src/main/kotlin/org/gitanimals/core/auth/InternalAuthClient.kt

@@ -22,6 +22,7 @@ fun interface InternalAuthClient {
 
     data class UserResponse(
         val id: String,
+        val entryPoint: String,
     )
 }
 

src/main/kotlin/org/gitanimals/core/auth/InternalAuthRequestInterceptor.kt

@@ -1,5 +1,6 @@
 package org.gitanimals.core.auth
 
+import org.gitanimals.core.filter.MDCFilter.Companion.USER_ENTRY_POINT
 import org.gitanimals.core.filter.MDCFilter.Companion.USER_ID
 import org.slf4j.MDC
 import org.springframework.http.HttpRequest
@@ -23,6 +24,10 @@ class InternalAuthRequestInterceptor(
             MDC.get(USER_ID).toLong()
         }.getOrNull()
 
+        val userEntryPoint = runCatching {
+            MDC.get(USER_ENTRY_POINT)
+        }.getOrNull()
+
         if (userId != null) {
             val encrypt = internalAuth.encrypt(userId = userId)
 
@@ -34,6 +39,10 @@ class InternalAuthRequestInterceptor(
                 InternalAuth.INTERNAL_AUTH_IV_KEY,
                 Base64.getEncoder().encodeToString(encrypt.iv),
             )
+            request.headers.add(
+                InternalAuth.INTERNAL_ENTRY_POINT_KEY,
+                userEntryPoint,
+            )
         }
 
         return execution.execute(request, body)

src/main/kotlin/org/gitanimals/core/auth/RequiredUserEntryPointAspect.kt

@@ -0,0 +1,32 @@
+package org.gitanimals.core.auth
+
+import org.aspectj.lang.ProceedingJoinPoint
+import org.aspectj.lang.annotation.Around
+import org.aspectj.lang.annotation.Aspect
+import org.gitanimals.core.auth.UserEntryPointValidationExtension.withUserEntryPointValidation
+import org.slf4j.LoggerFactory
+import org.springframework.stereotype.Component
+
+@Aspect
+@Component
+class RequiredUserEntryPointAspect {
+
+    private val logger = LoggerFactory.getLogger(this::class.simpleName)
+
+    @Around("@annotation(requiredUserEntryPoints)")
+    fun validate(
+        proceedingJoinPoint: ProceedingJoinPoint,
+        requiredUserEntryPoints: RequiredUserEntryPoints,
+    ): Any? {
+        return withUserEntryPointValidation(
+            expectedUserEntryPoints = requiredUserEntryPoints.expected,
+            onSuccess = { proceedingJoinPoint.proceed() },
+            failMessage = {
+                val message =
+                    "ExpectedUserEntryPoints: \"${requiredUserEntryPoints.expected}\" but request user entryPoint is \"$it\""
+                logger.info("[RequiredUserEntryPointAspect] $message")
+                message
+            }
+        )
+    }
+}

src/main/kotlin/org/gitanimals/core/auth/RequiredUserEntryPoints.kt

@@ -0,0 +1,14 @@
+package org.gitanimals.core.auth
+
+@Target(AnnotationTarget.FUNCTION)
+@Retention(AnnotationRetention.RUNTIME)
+annotation class RequiredUserEntryPoints(
+    val expected: Array<UserEntryPoint>,
+)
+
+enum class UserEntryPoint {
+    ANY,
+    GITHUB,
+    APPLE,
+    ;
+}

src/main/kotlin/org/gitanimals/core/auth/UserEntryPointValidationExtension.kt

@@ -0,0 +1,42 @@
+package org.gitanimals.core.auth
+
+import org.springframework.stereotype.Component
+
+object UserEntryPointValidationExtension {
+
+    private lateinit var internalAuth: InternalAuth
+
+    fun <T> withUserEntryPointValidation(
+        expectedUserEntryPoints: Array<UserEntryPoint>,
+        onSuccess: () -> T,
+        failMessage: (UserEntryPoint?) -> String = { userEntryPoint ->
+            "ExpectedUserEntryPoints: \"$expectedUserEntryPoints\" but request user entryPoint is \"$userEntryPoint\""
+        }
+    ): T {
+        val userEntryPoint = runCatching {
+            val userEntryPointString = internalAuth.getUserEntryPoint {
+                throw IllegalArgumentException(failMessage.invoke(null))
+            }
+            UserEntryPoint.valueOf(userEntryPointString)
+        }.getOrElse {
+            throw IllegalArgumentException(failMessage.invoke(null))
+        }
+
+        require(
+            expectedUserEntryPoints.contains(UserEntryPoint.ANY)
+                    || userEntryPoint in expectedUserEntryPoints
+        ) { failMessage.invoke(userEntryPoint) }
+
+        return onSuccess.invoke()
+    }
+
+    @Component
+    class UserEntryPointValidationExtensionBeanInjector(
+        internalAuth: InternalAuth,
+    ) {
+
+        init {
+            UserEntryPointValidationExtension.internalAuth = internalAuth
+        }
+    }
+}

src/main/kotlin/org/gitanimals/core/filter/MDCFilter.kt

@@ -29,6 +29,7 @@ class MDCFilter(
             MDC.put(TRACE_ID, traceId)
             MDC.put(PATH, request.requestURI)
             internalAuth.findUserId()?.let { MDC.put(USER_ID, it.toString()) }
+            internalAuth.findUserEntryPoint()?.let { MDC.put(USER_ENTRY_POINT, it) }
 
             val elapsedTime = measureTimeMillis {
                 filterChain.doFilter(request, response)
@@ -43,12 +44,14 @@ class MDCFilter(
             MDC.remove(ELAPSED_TIME)
             MDC.remove(PATH)
             MDC.remove(USER_ID)
+            MDC.remove(USER_ENTRY_POINT)
         }
     }
 
     companion object {
         const val USER_ID = "userId"
         const val TRACE_ID = "traceId"
+        const val USER_ENTRY_POINT = "userEntryPoint"
         const val ELAPSED_TIME = "elapsedTime"
         const val PATH = "path"
 

src/main/kotlin/org/gitanimals/guild/controller/GuildController.kt

@@ -4,6 +4,8 @@ import jakarta.servlet.http.HttpServletResponse
 import org.gitanimals.core.AuthorizationException
 import org.gitanimals.core.ErrorResponse
 import org.gitanimals.core.FieldType
+import org.gitanimals.core.auth.RequiredUserEntryPoints
+import org.gitanimals.core.auth.UserEntryPoint
 import org.gitanimals.guild.app.*
 import org.gitanimals.guild.app.request.CreateGuildRequest
 import org.gitanimals.guild.app.response.*
@@ -35,13 +37,15 @@ class GuildController(
 
     @ResponseStatus(HttpStatus.OK)
     @PostMapping("/guilds")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun createGuild(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @RequestBody createGuildRequest: CreateGuildRequest,
     ) = createGuildFacade.createGuild(token, createGuildRequest)
 
     @ResponseStatus(HttpStatus.OK)
     @PostMapping("/guilds/{guildId}")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun joinGuild(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @PathVariable("guildId") guildId: Long,
@@ -51,6 +55,7 @@ class GuildController(
 
     @ResponseStatus(HttpStatus.OK)
     @PostMapping("/guilds/{guildId}/accepts")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun acceptJoinGuild(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @PathVariable("guildId") guildId: Long,
@@ -60,6 +65,7 @@ class GuildController(
 
     @ResponseStatus(HttpStatus.OK)
     @DeleteMapping("/guilds/{guildId}")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun kickFromGuild(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @PathVariable("guildId") guildId: Long,
@@ -69,6 +75,7 @@ class GuildController(
 
     @ResponseStatus(HttpStatus.OK)
     @PatchMapping("/guilds/{guildId}")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun changeGuild(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @PathVariable("guildId") guildId: Long,
@@ -89,6 +96,7 @@ class GuildController(
 
     @ResponseStatus(HttpStatus.OK)
     @GetMapping("/guilds")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun getAllJoinedGuild(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
     ): GuildsResponse {
@@ -130,6 +138,7 @@ class GuildController(
     }
 
     @PostMapping("/guilds/{guildId}/personas")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun changeMainPersona(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @PathVariable("guildId") guildId: Long,
@@ -141,12 +150,14 @@ class GuildController(
     )
 
     @DeleteMapping("/guilds/{guildId}/leave")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun leaveGuild(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @PathVariable("guildId") guildId: Long,
     ) = leaveGuildFacade.leave(guildId)
 
     @PostMapping("guilds/{guildId}/deny")
+    @RequiredUserEntryPoints([UserEntryPoint.GITHUB])
     fun deny(
         @RequestHeader(HttpHeaders.AUTHORIZATION) token: String,
         @PathVariable("guildId") guildId: Long,

src/main/kotlin/org/gitanimals/render/app/AnimationFacade.kt

@@ -2,6 +2,7 @@ package org.gitanimals.render.app
 
 import org.gitanimals.core.Mode
 import org.gitanimals.core.filter.MDCFilter.Companion.TRACE_ID
+import org.gitanimals.render.domain.EntryPoint
 import org.gitanimals.render.domain.User
 import org.gitanimals.render.domain.UserService
 import org.gitanimals.render.domain.event.NewUserCreated
@@ -18,46 +19,71 @@ class AnimationFacade(
     private val contributionApi: ContributionApi,
     private val sagaManager: SagaManager,
     private val eventPublisher: ApplicationEventPublisher,
+    private val githubOpenApi: GithubOpenApi,
 ) {
 
     fun getFarmAnimation(username: String): String {
         return when (userService.existsByName(username)) {
             true -> {
+                setUserAuthInfoIfNotSet(username)
+
                 val svgAnimation = userService.getFarmAnimationByUsername(username)
                 eventPublisher.publishEvent(Visited(username, MDC.get(TRACE_ID)))
                 svgAnimation
             }
 
             false -> {
                 val user = createNewUser(username)
-                sagaManager.startSync(NewUserCreated(user.id, user.name))
-                userService.getFarmAnimationByUsername(user.name)
+                sagaManager.startSync(NewUserCreated(user.id, user.getName()))
+                userService.getFarmAnimationByUsername(user.getName())
             }
         }
     }
 
     fun getLineAnimation(username: String, personaId: Long, mode: Mode): String {
         return when (userService.existsByName(username)) {
             true -> {
+                setUserAuthInfoIfNotSet(username)
+
                 val svgAnimation = userService.getLineAnimationByUsername(username, personaId, mode)
                 eventPublisher.publishEvent(Visited(username, MDC.get(TRACE_ID)))
                 svgAnimation
             }
 
             false -> {
                 val user = createNewUser(username)
-                sagaManager.startSync(NewUserCreated(user.id, user.name))
-                userService.getLineAnimationByUsername(user.name, personaId, mode)
+                sagaManager.startSync(NewUserCreated(user.id, user.getName()))
+                userService.getLineAnimationByUsername(user.getName(), personaId, mode)
             }
         }
     }
 
+    private fun setUserAuthInfoIfNotSet(username: String) {
+        val user = userService.getUserByName(username)
+
+        if (user.isAuthInfoSet().not()) {
+            val githubUserAuthInfo = githubOpenApi.getGithubUser(user.getName())
+            userService.setAuthInfo(
+                name = user.getName(),
+                entryPoint = EntryPoint.GITHUB,
+                githubUserAuthInfo.id,
+            )
+        }
+    }
+
     fun createNewUser(username: String): User {
         return runCatching {
+            val githubUserResponse = githubOpenApi.getGithubUser(username)
             val contributionYears = contributionApi.getAllContributionYears(username)
             val contributionCountPerYear =
                 contributionApi.getContributionCount(username, contributionYears)
-            userService.createNewUser(username, contributionCountPerYear)
+
+            userService.createNewUser(
+                name = username,
+                entryPoint = EntryPoint.GITHUB,
+                authenticationId = githubUserResponse.id,
+                contributions = contributionCountPerYear,
+            )
         }.getOrElse {
             require(it !is RestClientException) { "Cannot create new user from username \"$username\"" }
             throw it